News

Intel Chief Gabbard’s Password Reuse: A Security Risk?

7234
07
May

Director of National Intelligence Tulsi Gabbard’s past cybersecurity habits are under scrutiny. Leaked records reveal she repeatedly used the same easily-guessable password across multiple personal accounts for years, raising concerns about potential security vulnerabilities.

The revelation follows an incident where sensitive military operation details were inadvertently shared with a journalist in a Signal group chat involving Gabbard, compounding worries about her security protocols.

An investigation by WIRED, using breached data from District4Labs and Constella Intelligence, uncovered Gabbard’s password reuse. During her time in Congress (2013-2021), where she served on key committees like Armed Services and Foreign Affairs, she allegedly employed the same password for various email addresses and online platforms, violating fundamental cybersecurity principles. Notably, there’s no evidence suggesting this password was used for government accounts.

Combolists from 2017 and 2019 showed the password linked to her personal website’s email and Gmail accounts. Records dating back to 2012 also indicated its use for Dropbox and LinkedIn accounts associated with her website’s email. Furthermore, breaches from 2018 revealed its presence on a MyFitnessPal account (linked to a me.com email) and a now-defunct ecommerce site, HauteLook.

The compromised password apparently included “shraddha,” a word seemingly significant to Gabbard. Earlier reports linked her to the Science of Identity Foundation, with claims she received the name “Shraddha Dasi.” Gabbard’s team has vehemently denied any affiliation with the organization, dismissing related inquiries as “Hinduphobic smears.”

In response to WIRED’s investigation, a Gabbard spokesperson stated, “The data breaches you’re referring to occurred almost 10 years ago, and the passwords have changed multiple times since.”

Cybersecurity experts strongly advise against password reuse. A single breach can expose numerous accounts if the same password is used across different platforms. Compromised email accounts, in particular, can lead to the resetting of credentials for other critical services.

The Cybersecurity Infrastructure and Security Agency (CISA) recommends using password managers to generate unique, complex passwords (at least 16 characters or four unrelated words) for each online account.

As Director of National Intelligence, Gabbard oversees the entire US intelligence community, managing a substantial budget and advising the President and National Security Council on critical intelligence matters. This role demands the highest level of security awareness and practice.

Past criticisms, including accusations of being a “direct threat to our national security” due to statements on Syrian President Assad and perceived ties to Russian media, were addressed by Gabbard during her confirmation hearings. She refuted claims of divided loyalties, asserting her allegiance to the Constitution.

Key Takeaways:

  • Password Reuse: Tulsi Gabbard allegedly reused a weak password across multiple personal accounts for years.
  • Security Risks: This practice violates cybersecurity best practices and could expose accounts to breaches.
  • Official Response: Gabbard’s team claims the breaches are old, and passwords have since been changed.
  • Cybersecurity Concerns: The incident raises questions about the security practices of the US Director of National Intelligence.
Ngoc Vy

Ngoc Vy is a tech journalist specializing in artificial intelligence, emerging technologies, and their societal impact. She combines technical rigor with on-the-ground coverage of Vietnam’s startup ecosystem, from AI ethics debates to gov-tech adoption. Ngoc Vy is also passionate about bridging the gender gap in STEM journalism.